CISA warns: Critical PHP bug is being exploited by ransomware

Automated attacks against Windows systems running PHP-CGI lead to infection. The attackers download additional malicious code and encrypt the server.

heise online
#TellYouThePass operators weaponized CVE-2024-4577 to breach nearly 1,800 public hosts by June 10, with most compromised systems located in #China. Our scans reveal that the ransomware alters a service’s appearance to resemble an open directory. For more ➡️ https://censys.com/cve-2024-4577-pt2/
June 14, 2024: TellYouThePass Ransomware Leverages PHP Vulnerability CVE-2024-4577

Censys
📊 Live dashboard tracking #TellYouThePass ransomware infections actively exploiting #PHP hosts vulnerable to CVE-2024-4577: https://lookerstudio.google.com/s/mhnJviXMP4I. As of June 11, we’ve detected ~1,700 public-facing infected hosts online.
PHP Infected Hosts

Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware | Imperva
